this post was submitted on 07 Feb 2025
Selfhosted

42070 readers
575 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
 

I’m pulling my hair out over this. I’ve got a proxmox homelab, an LXC running technitium installed from TTeck’s script.

The DNS server is also doing DHCP for my network. I have an authoritative zone for ‘.lan’

I can get NS, SOA, TXT records from the DNS server, but no A records! The DNS query logs show that it gives an answer, and if I am on the DNS server itself I get an answer, but no other machines on the network hear the reply.

I think this means the DNS server is working properly. There are no FWs in the way as I can resolve other types.

Where else can I look, or how can I diagnose this? I am completely at a loss.

top 19 comments
[–] [email protected] 1 points 3 days ago* (last edited 3 days ago)

What is the connection between your client and server? Is it wireless and going over the router first? Does it work with a direct, wired connection between client and server?

If your connection goes over your router, does your router have a DNS server? What options do you have for DNS config on your router?

Anti Commercial-AI license

[–] [email protected] 7 points 5 days ago* (last edited 5 days ago) (2 children)

Here is how I would diagnose (I'm assuming you have Linux / WSL on a client)

  1. Check the DNS record is actually set (yes do it again)
  2. Do these steps on the client:
  3. dig $domain check which server answered
  4. dig a $domain should give a record
  5. dig a $domain @server to make sure you're querying the right server

If none work, probably network issue (DNS bound to wrong IP, firewall, etc)

If 3 and 5 work but 4 doesn't, your DNS isn't authoritative.

If only 5 works, DNS settings on the client are wrong.

[–] [email protected] 2 points 4 days ago (1 children)

You also could do nslookup on Windows

[–] [email protected] 1 points 4 days ago (1 children)

nslookup is available on macOS and most Linux distros as well (and very helpful indeed).

[–] [email protected] 1 points 3 days ago (1 children)
[–] [email protected] 1 points 3 days ago

Well, dig is available also of course, but nearly all distros still include nslookup despite it getting deprecated. I like the simplicity of its interactive mode.

Host is also really great with more human-readable output.

Don’t get me wrong, when things are getting hairy, you’re going to make a lot of use of dig. I just find that most troubleshooting can be taken care of a lot simpler with host or nslookup.

[–] [email protected] 2 points 5 days ago (1 children)

Thanks for giving it some thought!

I have been testing using dig @192.168.0.249 study.lan

3, 4, and 5 work for TXT, NS and SOA but doesn’t work for A records. I think this rules out a simple network issue?

[–] [email protected] 2 points 4 days ago (1 children)

Just to be sure, you do dig A @server $domain (with the "A") and can confirm the following:

SERVER is your server

;; ANSWER SECTION is empty (or doesn't exist)

;; AUTHORITY SECTION mentions your local DNS server

Also check

dig NS @server $domain

Is your server in the answer section?
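An added example (not from anyone in this thread): a small Python probe that sends the same A/NS/SOA/TXT queries the dig steps above would, and classifies each reply from the DNS header, so a timeout (no packet at all, which is what the OP describes) is told apart from a NOERROR reply with an empty ANSWER section, or an NXDOMAIN, as checked in this comment. The server address and name are the ones the OP posted; the transaction id and timeout are assumptions.

```python
import socket
import struct

# Record types used in the thread's diagnosis steps (RFC 1035 TYPE values).
QTYPES = {"A": 1, "NS": 2, "SOA": 6, "TXT": 16}


def build_query(name, qtype, txid=0x1234):
    """Build a minimal wire-format DNS query (RD=1, one question, class IN)."""
    header = struct.pack(">HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(lbl)]) + lbl.encode() for lbl in labels)
    return header + qname + b"\x00" + struct.pack(">HH", QTYPES[qtype], 1)


def classify_reply(reply, txid=0x1234):
    """Give a verdict from the 12-byte reply header: rcode, AA flag, section counts."""
    if reply is None:
        return "no reply (timeout): the answer is not reaching this client"
    txid_r, flags, _qd, an, ns, _ar = struct.unpack(">HHHHHH", reply[:12])
    if txid_r != txid:
        return "reply for a different transaction id (ignored)"
    rcode = flags & 0x000F
    if rcode == 3:
        return "NXDOMAIN: the server is authoritative but the name does not exist"
    if rcode != 0:
        return f"rcode {rcode}"
    aa = "AA set" if flags & 0x0400 else "AA clear (forwarded, not authoritative)"
    if an == 0:
        return f"NOERROR but empty ANSWER ({aa}); AUTHORITY records: {ns}"
    return f"{an} ANSWER record(s) ({aa})"


def probe(server, name, qtype, timeout=2.0):
    """Send one UDP query to server:53 and return the verdict for the reply."""
    query = build_query(name, qtype)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(query, (server, 53))
        try:
            data, _ = sock.recvfrom(4096)
        except socket.timeout:
            data = None
    return classify_reply(data)


if __name__ == "__main__":
    # Values from the OP's own dig command; change them for another setup.
    for rtype in QTYPES:
        print(rtype, probe("192.168.0.249", "study.lan", rtype))
```

Run it on the client next to a tcpdump capture: a "no reply" for A only, while NS/SOA/TXT answer, confirms the packet is being dropped on the path rather than the zone being wrong.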

[–] [email protected] 1 points 4 days ago (1 children)

Yes, everything looks right. I moved dhcp resolution from the router to technitium recently, but hadn’t set up local resolution.

I’m currently thinking the router is the culprit. Here in the UK there are lots of forum posts complaining about the Virgin Media gear. Nothing specifically describes my problem but I’m going to try a new router over the weekend.

[–] [email protected] 2 points 4 days ago

Seems weird to me, the router would need to do deep packet inspection of DNS and selectively block specific ones. It feels more like you've set up your DNS to do forwarding instead of resolution. Can you post a network diagram and the DNS config?

[–] [email protected] 2 points 4 days ago

Not sure how technitium works, but just from my selfhosting experience, are you sure you're not hitting DNS-rebinding protection somewhere?

In short, DNS rebinding stops domains from being resolved to private IP ranges so you don't end up back in your network when you seem to be resolving a public domain.

I have to set up any domains that resolve locally in my router (which also does DNS and DHCP) but not sure if that's necessary with technitium

[–] [email protected] 2 points 5 days ago (1 children)

Run Wireshark on the client to see if you actually got the reply.

[–] [email protected] 1 points 5 days ago (1 children)

Thanks for the suggestion, I’ll grab a cap to check.

I’m running tcpdump -i any port 53. I can see the outbound request but not the reply. Will the cap show me anything more?

[–] [email protected] 1 points 4 days ago

Do tcpdump host $server instead. Otherwise you will only see the request (the response goes to a different port).

[–] [email protected] 1 points 5 days ago (1 children)

How exactly are you testing this from your client, with ping? What are you using to query the DNS?

If you run nslookup from the client

  • Does the ‘server’ command return the correct DNS server?
  • Does .lan return the expected record?

I’m assuming you’ve run ifconfig to verify your client’s NIC has been assigned the correct DNS via DHCP?

[–] [email protected] 1 points 5 days ago (1 children)

Thanks for replying, I appreciate the response.

I’m running dig @192.168.0.249 study.lan from my client (a MacBook).

If I run ‘dig @192.168.0.249 study.lan TXT’ I get a correct response (I have added a txt record)

If I run ‘dig @192.168.0.249 lan SOA’ or ‘NS’ I correctly get the records for the zone.

I think this eliminates the possibility of it being a routing error?

[–] [email protected] 1 points 4 days ago* (last edited 4 days ago) (1 children)

Yeah if you can dig a record and received a response it’s not a routing issue.

But aren’t you on the same subnet as your DNS server? There’s no routing happening if you’re on the same subnet which I was assuming.

Even though dig defaults to outputting A records when no other options are specified, I would use the A option anyway just in case:

dig @192.168.0.249 study.lan A

If you use “ping study.lan” do you see it output the A record IP address in the first line of output?

Did you try using nslookup as I described?

[–] [email protected] 1 points 1 day ago (1 children)

I switched out the router and things started working. Very weird, but I can’t tho jot anything other than it being the Virgin Media hub not liking it. Apparently they have history on this.

[–] [email protected] 1 points 1 day ago

Very strange, but glad you worked it out!

I’ll keep this thread in mind if I ever run into something similar.